The Ransomware Ecosystem: Operators, Affiliates & Access Brokers

Presented by

Tim Mitchell - Senior Security Researcher, Threat Research, Secureworks

About this talk

When ransomware-as-a-service (RaaS) was introduced to the cybercrime landscape in the mid-2010s, it significantly lowered the bar to entry for cybercriminals. As a result, the scale of ransomware operations expanded, allowing cybercrime groups and their affiliates to exploit more networks resulting in higher revenue. Expertise also improved as each element of the process became specialized, making ransomware the formidable threat it is today. In this session, Senior Security Researcher and intel analysis lead for cybercrime Tim Mitchell will discuss why understanding and tracking the TTPs of everyone involved in ransomware operations is important, regardless of the variant. He’ll also outline why the attribution of precursor activity is important, and how accurately doing so can inform our customers and better protect them from ransomware.

Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (23)
Subscribers (12443)
We help protect organisations from today’s most pervasive cybersecurity threats. With us on your team, you’ll rest easy knowing your mission-critical assets are safe from threat actors.